Android: Mobile browsers being used to mine cryptocurrency
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Android: Mobile browsers being used to mine cryptocurrency

Researchers discovered three Android apps using two different miners.

Mining cryptocurrency is all the rage right now. We talked about what mining cryptocurrency means a few weeks ago, and now it’s back in the news.

For those of you who didn’t read our last piece, or who don’t already have an idea, mining cryptocurrency involves putting in the requisite work to solve a block in the blockchain and receive the reward. There’s a lot to unpack there. Blockchain is the backbone of cryptocurrency. It’s essentially a running cryptographic ledger that tracks all of the cryptocurrency’s movement. As transactions are added to the ledger, there are miners that are using their computing power to find a value that will close off that block and start a new one. When a block is closed, the miners receive a reward in the form of cryptocurrency.

However, when I say computing power I don’t mean you can set up your laptop and start providing proof of work. It takes massive amounts of computing power. When done in a legitimate sense, people tend to group their computing power together and split the pot.

When done illegitimately, hackers spread malware to take over peoples’ computers and then siphon off part of their computing power to help solve the block.

Mining Using Android Phones

Researchers from Trend Micro recently discovered three Android apps with mining malware included. Two of them: Recitiamo Santo Rosario Free and SafetyNet Wireless use an in-browser Monero miner called “Coinhive.” The other: Car Wallpaper HD, includes a malicious version of cpuminer.

Coinhive has responded by releasing a new version of its mining software that runs scripts from a domain that requires computers to register themselves. Unfortunately, older versions of the malware are still supported.

Google has already removed the apps from its Play Store.

1 comment
  • Cool I’d love to download the one with CPUminer so I could analyize the traffic with wireshark, decompile the app with APKtool and find out to what wallet and/or which pools this miner mines to. I’m friends with a lot of pool owners, i’d have the wallet banned and coins withheld within 3 days.

    If they’re (likely) mining through a proxy server (probably a domain, maybe hardwired IP address) this would be even more fun for me because I’m an ethical hacker by trade… always happy for some target practice 🙂

    I think i’d start by sending a bunch of incorrect algo hashes to the proxy, which would be redirected to the mining pool and eventually the mining pool would ban the IP of the proxy server. Please don’t hesitate to post APKs of these things! 🙂

Leave a Reply

Your email address will not be published. We will only use your email address to respond to your comment and/or notify you of responses. Required fields are marked *

Captcha *


Patrick Nohe

Patrick started his career as a beat reporter and columnist for the Miami Herald before moving into the cybersecurity industry a few years ago. Patrick covers encryption, hashing, browser UI/UX and general cyber security in a way that’s relatable for everyone.